Marks an Ash resource as a SCIM User resource per RFC 7643 §4.1.
Add to your user resource:
defmodule MyApp.Accounts.User do
use Ash.Resource,
domain: MyApp.Accounts,
extensions: [AshAuthentication, AshScim.User]
scim do
map :userName, attribute: :email
map :active, attribute: :active
complex :name do
map :givenName, attribute: :first_name
map :familyName, attribute: :last_name
end
multivalued :emails do
map :value, attribute: :email
map :primary, value: true
end
end
# ... attributes, actions, etc.
end
See AshScim.Dsl.Map, AshScim.Dsl.Complex, and AshScim.Dsl.Multivalued
for the per-entity options.
Configure how this resource is exposed via SCIM 2.0.
The presence of an AshScim.User or AshScim.Group extension enables
this resource for inclusion in an AshScim.Router. Mapping declarations
describe how Ash attributes are projected to and from SCIM JSON.
- map
- complex
- map
- multivalued
- map
| Name | Type | Default | Docs |
|---|---|---|---|
path{: #scim-path } |
String.t |
"/Users" |
URL path under which this resource is mounted (relative to the SCIM root). |
schema{: #scim-schema } |
String.t |
"urn:ietf:params:scim:schemas:core:2.0:User" |
The SCIM schemas URN advertised for this resource. |
read_action{: #scim-read_action } |
atom |
The Ash read action used by SCIM GET requests. Defaults to the resource's primary read action. |
|
create_action{: #scim-create_action } |
atom |
The Ash create action used by SCIM POST requests. Defaults to the resource's primary create action. |
|
update_action{: #scim-update_action } |
atom |
The Ash update action used by SCIM PUT/PATCH requests. Defaults to the resource's primary update action. |
|
destroy_action{: #scim-destroy_action } |
atom |
The Ash destroy action used by SCIM DELETE requests. Defaults to the resource's primary destroy action. |
|
meta?{: #scim-meta? } |
boolean |
true |
Emit the standard SCIM meta object (created, lastModified, location, resourceType). |
map nameMap a SCIM attribute name to an Ash attribute (or a static value).
| Name | Type | Default | Docs |
|---|---|---|---|
name{: #scim-map-name .spark-required} |
atom |
The SCIM attribute name (camelCase per RFC 7643), e.g. :userName. |
| Name | Type | Default | Docs |
|---|---|---|---|
attribute{: #scim-map-attribute } |
atom |
The Ash attribute on this resource that backs the SCIM attribute. | |
value{: #scim-map-value } |
any |
A static value to emit for this SCIM attribute. Useful inside multivalued mappings, e.g. map :primary, value: true. Mutually exclusive with attribute. |
|
case_exact?{: #scim-map-case_exact? } |
boolean |
RFC 7643 caseExact. Defaults to false for strings. |
|
returned{: #scim-map-returned } |
:always | :never | :default | :request |
RFC 7643 returned. Defaults to :default. |
|
mutability{: #scim-map-mutability } |
:read_only | :read_write | :immutable | :write_only |
RFC 7643 mutability. Defaults to :read_write. |
|
uniqueness{: #scim-map-uniqueness } |
:none | :server | :global |
RFC 7643 uniqueness. Defaults to :none. |
Target: AshScim.Dsl.Map
complex nameDeclare a SCIM complex (object-valued) attribute.
| Name | Type | Default | Docs |
|---|---|---|---|
name{: #scim-complex-name .spark-required} |
atom |
The SCIM attribute name for the complex object, e.g. :name. |
| Name | Type | Default | Docs |
|---|---|---|---|
returned{: #scim-complex-returned } |
:always | :never | :default | :request |
RFC 7643 returned. Defaults to :default. |
|
mutability{: #scim-complex-mutability } |
:read_only | :read_write | :immutable | :write_only |
RFC 7643 mutability. Defaults to :read_write. |
map nameMap a SCIM attribute name to an Ash attribute (or a static value).
| Name | Type | Default | Docs |
|---|---|---|---|
name{: #scim-complex-map-name .spark-required} |
atom |
The SCIM attribute name (camelCase per RFC 7643), e.g. :userName. |
| Name | Type | Default | Docs |
|---|---|---|---|
attribute{: #scim-complex-map-attribute } |
atom |
The Ash attribute on this resource that backs the SCIM attribute. | |
value{: #scim-complex-map-value } |
any |
A static value to emit for this SCIM attribute. Useful inside multivalued mappings, e.g. map :primary, value: true. Mutually exclusive with attribute. |
|
case_exact?{: #scim-complex-map-case_exact? } |
boolean |
RFC 7643 caseExact. Defaults to false for strings. |
|
returned{: #scim-complex-map-returned } |
:always | :never | :default | :request |
RFC 7643 returned. Defaults to :default. |
|
mutability{: #scim-complex-map-mutability } |
:read_only | :read_write | :immutable | :write_only |
RFC 7643 mutability. Defaults to :read_write. |
|
uniqueness{: #scim-complex-map-uniqueness } |
:none | :server | :global |
RFC 7643 uniqueness. Defaults to :none. |
Target: AshScim.Dsl.Map
Target: AshScim.Dsl.Complex
multivalued nameDeclare a SCIM multi-valued attribute (an array of complex objects).
| Name | Type | Default | Docs |
|---|---|---|---|
name{: #scim-multivalued-name .spark-required} |
atom |
The SCIM attribute name for the multivalued array, e.g. :emails. |
| Name | Type | Default | Docs |
|---|---|---|---|
relationship{: #scim-multivalued-relationship } |
atom |
The name of a has_many relationship on this resource that backs this multivalued attribute. When set, encoding loads the relationship and emits one array element per related record; PATCH operations on this attribute manipulate the related rows directly. Sub-map declarations reference attributes on the related resource. Either relationship: or mirror_primary_to: must be set. |
|
mirror_primary_to{: #scim-multivalued-mirror_primary_to } |
atom |
Names a scalar attribute on this resource that mirrors the SCIM value of the multivalued's primary entry. With relationship: also set, the relationship is the source of truth for SCIM output and mirror_primary_to: keeps the parent scalar in sync (e.g. for use as a login identity). Without relationship:, the parent scalar is the source of truth: SCIM emails is collapsed to one element on read, and writes pick the primary entry's value into the scalar. The other sub-attributes (primary, type) can be filled in via static value: decorators on sub-maps. The primary entry is picked as: the entry with primary: true if one exists; otherwise the lexicographically first entry by value. Either relationship: or mirror_primary_to: must be set. |
|
returned{: #scim-multivalued-returned } |
:always | :never | :default | :request |
RFC 7643 returned. Defaults to :default. |
|
mutability{: #scim-multivalued-mutability } |
:read_only | :read_write | :immutable | :write_only |
RFC 7643 mutability. Defaults to :read_write. |
map nameMap a SCIM attribute name to an Ash attribute (or a static value).
| Name | Type | Default | Docs |
|---|---|---|---|
name{: #scim-multivalued-map-name .spark-required} |
atom |
The SCIM attribute name (camelCase per RFC 7643), e.g. :userName. |
| Name | Type | Default | Docs |
|---|---|---|---|
attribute{: #scim-multivalued-map-attribute } |
atom |
The Ash attribute on this resource that backs the SCIM attribute. | |
value{: #scim-multivalued-map-value } |
any |
A static value to emit for this SCIM attribute. Useful inside multivalued mappings, e.g. map :primary, value: true. Mutually exclusive with attribute. |
|
case_exact?{: #scim-multivalued-map-case_exact? } |
boolean |
RFC 7643 caseExact. Defaults to false for strings. |
|
returned{: #scim-multivalued-map-returned } |
:always | :never | :default | :request |
RFC 7643 returned. Defaults to :default. |
|
mutability{: #scim-multivalued-map-mutability } |
:read_only | :read_write | :immutable | :write_only |
RFC 7643 mutability. Defaults to :read_write. |
|
uniqueness{: #scim-multivalued-map-uniqueness } |
:none | :server | :global |
RFC 7643 uniqueness. Defaults to :none. |
Target: AshScim.Dsl.Map
Target: AshScim.Dsl.Multivalued